index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sbin
/
iked
/
config.c
Age
Commit message (
Expand
)
Author
2015-11-18
pledge exposed a simple bug: the unprivileged child tried to print the
Reyk Floeter
2015-10-19
Remove the ikev1 stub - Since I started iked, it has an empty privsep
Reyk Floeter
2015-10-15
Remove some unnecessary NULL-checks before free(). Change two bzero()
mmcc
2015-08-21
Switch iked to C99-style fixed-width integer types.
Reyk Floeter
2015-07-07
repair policy-ikesa-linking by replacing the broken RB_TREE w/TAILQ
Markus Friedl
2015-02-06
unneeded getopt.h
Theo de Raadt
2015-01-16
Replace <sys/param.h> with <limits.h> and other less dirty headers where
Theo de Raadt
2014-12-03
Init SPI using arc4random_buf, rather than (r << 32) | r
Theo de Raadt
2014-10-08
trivial use of reallocarray()
Theo de Raadt
2014-05-06
change the create-child-sa responder code, so it does not store any
Markus Friedl
2014-05-06
initiate ike sa rekeying (ikesalifetime keyword), re-queue pfkey
Markus Friedl
2014-05-06
cleanup IKE-SA tree handling (fixes repeated-insert & double-remove)
Markus Friedl
2014-05-06
initial support for PFS; ok reyk@
Markus Friedl
2014-04-22
Update iked to use the same proc.c that relayd uses.
Reyk Floeter
2014-02-17
interpret 'config address net/prefix' as a pool of addresses and
Markus Friedl
2014-02-17
basic OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'
Markus Friedl
2014-01-24
use a bit saner timer api
Mike Belopuhov
2013-12-03
never cast to sockaddr_storage, always cast to the abstract 'class' sockaddr
Markus Friedl
2013-11-28
don't leak duplicate flows; ok mikeb@
Markus Friedl
2013-10-24
no need for netinet/ip_var.h (and friends)
Theo de Raadt
2013-03-21
remove excessive includes
Theo de Raadt
2013-01-08
Remove private CVS tag from an obsolete repository and bump copyright
Reyk Floeter
2012-12-15
Remove unused variables.
Reyk Floeter
2012-10-22
Fix NAT-T support in iked, both on the initiator and the responder
Reyk Floeter
2012-09-18
update email addresses to match reality.
Reyk Floeter
2012-07-02
Don't close IKE SA immediately after creating a new one when rekeying.
Mike Belopuhov
2012-06-22
Add initial support for retransmition timeouts and response retries.
Mike Belopuhov
2011-07-05
fix memcpy sizeof. found by jsg. ok deraadt krw mikeb
Ted Unangst
2011-05-09
rename functions in proc.c to proc_* and move some code from imsg_util.c to
Reyk Floeter
2011-05-05
rename iked_proc* to privsep_proc*. no functional change.
Reyk Floeter
2011-04-18
When the kernel wants to acquire an SA for an unknown flow, lookup a
Reyk Floeter
2011-01-26
get rid of acquire flows completely, as they tend to pass traffic
Mike Belopuhov
2011-01-21
Reimplement the iked(8) policy evaluation for incoming connections to
Reyk Floeter
2011-01-21
split pfkey initialization into a privileged and unprivileged part to
Reyk Floeter
2011-01-12
postpone processing of pfkey messages received in pfkey_reply instead of
Mike Belopuhov
2010-12-22
child sa rekeying revamp plus numerous bugfixes;
Mike Belopuhov
2010-06-14
More code for initiator mode (not finished yet)
Reyk Floeter
2010-06-10
add new commands: the couple/decouple commands will set loading of the
Reyk Floeter
2010-06-10
Add another tree to lookup policy SAs by peer address.
Reyk Floeter
2010-06-03
Import iked, a new implementation of the IKEv2 protocol.
Reyk Floeter
